Today the national and federal press announced a “massive” breach of federal personnel data housed at the Office of Personnel Management (OPM) within the Department of Homeland Security (DHS). Following an earlier breach discovered in March 2014, the breach is said to have exposed the personally identifiable information (PII) of up to four million federal employees. The Washington Post reported that U.S. officials suspect the Chinese government to be behind the attack, which represents “the second significant foreign breach into U.S. government networks in recent months.”

Brian Krebs of Krebs on Security just posted an article on RDP hacks that exploit weak or default login credentials, and goes on to describe how that provides the basis for a cybercrime business. His article explains that Makost[dot]net rents access to more than 6000 poorly configured and, therefore, compromised Remote Desktop Protocol (RDP)-enabled servers around the globe. As Krebs says, “…the attackers simply needed to scan the Internet for hosts listening on port 3389 (Microsoft RDP), identify valid usernames, and then try the same username as the password.” It’s a classic brute-force attack and it’s aimed directly at an extremely weak target.
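The guessing pattern Krebs describes leaves a recognisable trail on the target: a burst of failed logons (Windows Event ID 4625, logon type 10 for RDP) from one source against several usernames. The following is an added detection example, not code from the post or from Krebs; the log format and the sample events are constructed for illustration, and the thresholds are assumptions to tune for your environment.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample (not from the page): a simplified export of Windows
# Security log failed-logon events (Event ID 4625).
# Columns: timestamp event_id logon_type target_user source_ip
# Logon type 10 = RemoteInteractive, i.e. an RDP session attempt.
SAMPLE_LOG = """\
2014-06-01T10:00:01 4625 10 administrator 198.51.100.7
2014-06-01T10:00:09 4625 10 admin 198.51.100.7
2014-06-01T10:00:17 4625 10 backup 198.51.100.7
2014-06-01T10:00:25 4625 10 sqlservice 198.51.100.7
2014-06-01T10:00:33 4625 10 Administrator 198.51.100.7
2014-06-01T10:02:10 4625 10 jsmith 203.0.113.9
2014-06-01T10:02:25 4625 10 jsmith 203.0.113.9
2014-06-01T10:03:00 4625 3 svc-share 192.0.2.40
2014-06-01T10:03:05 4625 3 svc-share 192.0.2.40
2014-06-01T10:03:10 4625 3 svc-share 192.0.2.40
"""

def parse_events(text):
    """Parse the export into dicts; usernames are case-folded."""
    events = []
    for line in text.splitlines():
        if line.strip():
            ts, eid, ltype, user, ip = line.split()
            events.append({"time": datetime.fromisoformat(ts), "event_id": int(eid),
                           "logon_type": int(ltype), "user": user.lower(), "ip": ip})
    return events

def detect_rdp_bruteforce(events, window=timedelta(minutes=5),
                          min_failures=5, min_users=3):
    """Return {source_ip: (failures, sorted users)} for sources with at least
    min_failures failed RDP logons against at least min_users distinct accounts
    inside one window; the user threshold filters out one user's typos."""
    by_ip = defaultdict(list)
    for e in events:
        if e["event_id"] == 4625 and e["logon_type"] == 10:
            by_ip[e["ip"]].append(e)
    hits = {}
    for ip, fails in by_ip.items():
        fails.sort(key=lambda e: e["time"])
        for i, first in enumerate(fails):
            span = [e for e in fails[i:] if e["time"] - first["time"] <= window]
            users = {e["user"] for e in span}
            if len(span) >= min_failures and len(users) >= min_users:
                hits[ip] = (len(span), sorted(users))
                break
    return hits
```

On the sample, only 198.51.100.7 is flagged: the two failures from 203.0.113.9 are a single user retrying, and the type 3 network logons from 192.0.2.40 are not RDP and would need a separate rule.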

Many people on first reading this would consider this capability a “vulnerability” of Windows, but that’s like saying that an automated teller machine (ATM) has a “vulnerability” that allows you to get cash from your bank account. It’s a feature of the operating system and Windows is not alone in exposing functionality like it.